package org.skatiger.jrove.spring.security;

import java.io.IOException;

import org.skatiger.jrove.JroveException;
import org.skatiger.jrove.ViewContext;
import org.skatiger.jrove.component.UIComponentBase;
import org.springframework.beans.BeanWrapperImpl;
import org.springframework.beans.BeansException;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.web.util.TextEscapeUtils;

public class Authentication extends UIComponentBase {
    //~ Instance fields ================================================================================================

    private String var;
    private String property;
    private boolean htmlEscape;

    //~ Methods ========================================================================================================

    public void setVar(String var) {
        this.var = var;
    }

    public void setProperty(String operation) {
        this.property = operation;
    }

    @Override
    public void encodeEnd(ViewContext context) throws IOException {
        super.encodeEnd(context);
        Object result = null;
        // determine the value by...
        if (property != null) {
            if ((SecurityContextHolder.getContext() == null)
                    || !(SecurityContextHolder.getContext() instanceof SecurityContext)
                    || (SecurityContextHolder.getContext().getAuthentication() == null)) {
                return;
            }

            org.springframework.security.core.Authentication auth = SecurityContextHolder
                    .getContext().getAuthentication();

            if (auth.getPrincipal() == null) {
                return;
            }

            try {
                BeanWrapperImpl wrapper = new BeanWrapperImpl(auth);
                result = wrapper.getPropertyValue(property);
            } catch (BeansException e) {
                throw new JroveException(e);
            }
        }

        if (var != null) {
            /*
             * Store the result, letting an IllegalArgumentException
             * propagate back if the scope is invalid (e.g., if an attempt
             * is made to store something in the session without any
             * HttpSession existing).
             */
            if (result != null) {
                getViewContext().setAttribute(var, result);
            } else {
                getViewContext().removeAttribute(var);
            }
        } else {
            if (htmlEscape) {
                writeMessage(context,
                        TextEscapeUtils.escapeEntities(String.valueOf(result)));
            } else {
                writeMessage(context, String.valueOf(result));
            }
        }
    }

    protected void writeMessage(ViewContext context, String msg)
            throws IOException {
        context.getResponseWriter().writeText(String.valueOf(msg), null);
    }

    /**
     * Set HTML escaping for this tag, as boolean value.
     */
    public void setHtmlEscape(boolean htmlEscape) {
        this.htmlEscape = htmlEscape;
    }

    /**
     * Return the HTML escaping setting for this tag,
     * or the default setting if not overridden.
     * @see #isDefaultHtmlEscape()
     */
    protected boolean isHtmlEscape() {
        return getPropertyValue("htmlEscape", htmlEscape, Boolean.TRUE);
    }
}
